Convert LDAP User to SAML2

BookStackApp / BookStack

A platform to create documentation/wiki content built with PHP & Laravel

https://www.bookstackapp.com/

MIT License

15.43k stars 1.94k forks source link

Convert LDAP User to SAML2 #5270

Open reddexx opened 1 month ago

reddexx commented 1 month ago

Attempted Debugging

[X] I have read the debugging page

Searched GitHub Issues

[X] I have searched GitHub for the issue.

Describe the Scenario

Hello,

is there a possibility to convert the users from LDAP to SAML2?

Exact BookStack Version

24.10

Log Content

No response

Hosting Environment

Debian (VM)

ssddanbrown commented 1 month ago

Hi @reddexx,

You'd have to update the "External Authentication ID" value to match their new expected value that they'd get from the SAML auth system (the property of which is dictated by the SAML2_EXTERNAL_ID_ATTRIBUTE option). If the same property can be used, which you already have via LDAP, via SAML then you might not need to alter anything on the BookStack side.

If you do need to update many "External Authentication ID" values, you could alternative do this via the API or database.

reddexx commented 1 month ago

@ssddanbrown

For us, the External Authentication ID looks like this:

grafik

but this does not correspond to SAML2 External Authentication ID

ssddanbrown commented 1 month ago

Ah, okay, yeah I doubt you'll have full LDAP DN info in SAML. Would have to change it up to be an appropriate unique ID that your SAML system can provide.